Provided by: esptool_2.1+dfsg1-2_all bug

NAME
       espsecure - ESP32 Secure Boot & Flash Encryption tool


DESCRIPTION
       usage: espsecure [OPTION] COMMAND

   command arguments:
       Run espsecure {command} -h for additional help

       digest_secure_bootloader
              Take a bootloader binary image and a secure boot key, and output a combined digest+binary suitable
              for flashing along with the precalculated secure boot key.

       generate_signing_key
              Generate  a  private key for signing secure boot images.  Key file is generated in PEM format, and
              contains a ECDSA NIST256p private key and matching public key.

       sign_data
              Sign a data file for use with secure boot. Signing algorithm is determinsitic ECDSA w/ SHA-512.

       verify_signature
              Verify a data file previously signed by "sign_data", using the public key.

       extract_public_key
              Extract the public verification key for signatures, save it as a raw binary file.

       digest_private_key
              Generate an SHA-256 digest of the private signing key.  This can be used as a reproducible  secure
              bootloader or flash encryption key.

       generate_flash_encryption_key
              Generate a development-use 32 byte flash encryption key with random data.

       decrypt_flash_data
              Decrypt some data read from encrypted flash (using known key)

       encrypt_flash_data
              Encrypt some data suitable for encrypted flash (using known key)

   optional arguments:
       -h, --help
              show this help message and exit


EXAMPLES
       Flash Espressif AT v1.4 firmware to an ESP-12S board:

              esptool   write_flash   --flash_mode   dio   --flash_size   4MB-c1   0x00   boot_v1.7.bin   0x1000
              at/1024+1024/user1.2048.new.5.bin 0xfe000 blank.bin  0x3fc000  esp_init_data_default.bin  0x3fe000
              blank.bin

       Display ESP32 efuse state summary:

              espefuse --port /dev/ttyUSB0 summary

       Generate a flash encryption key:

              espsecure generate_flash_encryption_key key.bin

       Burn the key to the device (WARNING: one time only operation):

              espefuse --port /dev/ttyUSB1 burn_key flash_encryption key.bin

       Encrypt flash data:

              espsecure   encrypt_flash_data   --keyfile   key.bin  --address  0x10000  -o  my-app-encrypted.bin
              my-app.bin


AUTHOR
       esptool.py was started by Fredrik Ahlberg as an unofficial community  project,  currently  maintained  by
       Angus  Gratton  and  supported by Espressif Systems (Shanghai) PTE LTD. This manual page was generated by
       Milan Kupcevic <milan@debian.org> for the Debian project and can be used by others.


REPORTING BUGS
       Review: <https://github.com/espressif/esptool/#troubleshooting>
       Known issues: <https://github.com/espressif/esptool/issues>
       Report new issues at: <https://github.com/espressif/esptool/issues/new>


COPYRIGHT
       Copyright © 2014-2016 Fredrik Ahlberg,  Angus  Gratton,  Espressif  Systems  (Shanghai)  PTE  LTD,  other
       contributors  as  noted.   License GPLv2+: GNU GPL version 2 or later <http://gnu.org/licenses/gpl.html>.
       This is free software: you are free to change and redistribute it.  There is NO WARRANTY, to  the  extent
       permitted by law.


SEE ALSO
       esptool(1), espefuse(1), espsecure(1)

esptool.py 2.1                                    November 2017                                     ESPSECURE(1)